From e155dd1b09e76e58719b90c40d842cb875f520ef Mon Sep 17 00:00:00 2001
From: James Kent <jamesdkent21@gmail.com>
Date: Fri, 3 Nov 2023 17:29:47 -0500
Subject: [PATCH] fix cors issue

---
 store/neurostore/core.py                | 16 +++++++++++++---
 store/neurostore/requirements.txt       |  3 +--
 store/neurostore/tests/api/test_crud.py |  5 +++++
 3 files changed, 19 insertions(+), 5 deletions(-)

diff --git a/store/neurostore/core.py b/store/neurostore/core.py
index 92477f9e2..7e14d47a6 100644
--- a/store/neurostore/core.py
+++ b/store/neurostore/core.py
@@ -2,12 +2,13 @@
 from pathlib import Path
 from werkzeug.middleware.profiler import ProfilerMiddleware
 
+from connexion.middleware import MiddlewarePosition
+from starlette.middleware.cors import CORSMiddleware
 from authlib.integrations.flask_client import OAuth
 import connexion
 # from connexion.json_schema import default_handlers as json_schema_handlers
 from connexion.resolver import MethodResolver
 from flask_caching import Cache
-from flask_cors import CORS
 import sqltap.wsgi
 
 from .or_json import ORJSONDecoder, ORJSONEncoder
@@ -35,6 +36,16 @@
 
 openapi_file = Path(os.path.dirname(__file__) + "/openapi/neurostore-openapi.yml")
 
+# Enable CORS
+connexion_app.add_middleware(
+    CORSMiddleware,
+    position=MiddlewarePosition.BEFORE_ROUTING,
+    allow_origins=["*"],
+    allow_credentials=True,
+    allow_methods=["*"],
+    allow_headers=["*"],
+)
+
 connexion_app.add_api(
     openapi_file,
     base_path="/api",
@@ -45,8 +56,7 @@
     validate_responses=os.getenv("DEBUG", False) == "True",
 )
 
-# Enable CORS
-cors = CORS(app)
+
 
 auth0 = oauth.register(
     "auth0",
diff --git a/store/neurostore/requirements.txt b/store/neurostore/requirements.txt
index 9118dc74b..1b7a845a8 100644
--- a/store/neurostore/requirements.txt
+++ b/store/neurostore/requirements.txt
@@ -1,12 +1,11 @@
 aniso8601~=8.1
 auth0-python~=3.16
 authlib~=0.15
-connexion[swagger-ui,uvicorn,flask]==3.0.0a7
+connexion[swagger-ui,uvicorn,flask]==3.0.0
 email-validator~=1.1
 flake8~=3.8
 flask~=2.0
 flask-caching~=2.0
-flask-cors~=3.0
 flask-dance~=3.2
 flask-shell-ipython~=0.4
 flask-migrate~=2.5
diff --git a/store/neurostore/tests/api/test_crud.py b/store/neurostore/tests/api/test_crud.py
index 1a43883e7..13f18aa66 100644
--- a/store/neurostore/tests/api/test_crud.py
+++ b/store/neurostore/tests/api/test_crud.py
@@ -87,6 +87,11 @@ def test_read(auth_client, user_data, endpoint, model, schema, session):
 
     expected_results = model.query.filter(query).all()
 
+    pre = auth_client.client.options(
+        f"/api/{endpoint}",
+        headers={'Origin': 'http://example.com', 'Access-Control-Request-Method': 'GET'}
+    )
+    assert pre.status_code == 200
     resp = auth_client.get(f"/api/{endpoint}/")
 
     assert resp.status_code == 200